Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Using DD to Read Data from Oracle Datafiles

Re: Using DD to Read Data from Oracle Datafiles

From: Naqi Mirza <naqimirza_at_yahoo.com>
Date: Wed, 7 Feb 2007 02:22:50 -0800 (PST)
Message-ID: <28432.24036.qm@web32413.mail.mud.yahoo.com> 




Thanks Steve, the files will be offline and one of the main purposes of this is to show that data, can be read out of an oracle datafile by a malicious user (sure specifying the count and skip could take some doing by a hacker, but its still possible). Even with vpd and label security the dba (the insider threat) could still get access to this data. This is one of the reasons of pushing the use of TDE at a site - need to check and confirm if this same information is encrypted in the datafiles.
Thanks.

Naqi

----- Original Message ----
From: Steve Adams <steve.adams@ixora.com.au>
To: naqimirza@yahoo.com
Cc: "Oracle-L @ freelists.org" <oracle-l@freelists.org>
Sent: Wednesday, 7 February, 2007 2:18:24 PM
Subject: Re: Using DD to Read Data from Oracle Datafiles

Hi Naqi,

The numbers are stored in a coded format. Check the Oracle documentation 
for the format, or Google for it on various other web sites.

You also need to ensure that you consult the row directory in the block 
to find valid row offsets, the ITLs and corresponding undo segments to 
check for transactional integrity, and so on. Just using strings, even 
for purely text data, is not reliable.

@   Regards,
@   Steve Adams
@   Oracle-L List Administrator
@   http://www.ixora.com.au/         - For DBAs
@   http://www.christianity.net.au/  - For all


Naqi Mirza @ 7/02/2007 7:15 PM:
> Hi,
> I am using dd to read data out of oracle datafiles from an oracle 9i 
> database on solaris. I am using the following command:
> 
> dd if=/location_to_oracle_datafile_and_file_name.DBF bs=8192 skip=11764 
> count=8 | strings
> 
> I have a table called DEPT, querying dba_extents, I see that its 
> block_id is 11764. It also have 8 blocks assigned to it. Now using the 
> above, I get the following output:
> 
> OPERATIONS
> BOSTON,
> SALES
> CHICAGO,
> RESEARCH
> DALLAS,
> ACCOUNTING
> NEW YORK
> 
> Whats missing from here is numeric values. Since I am piping the output 
> to strings , strings will not print out numerics. Does anyone know how i 
> can use the method above to successfully read an entire table and print 
> out all its comments.
> Thanks.
> 
> 
> ------------------------------------------------------------------------
> To help you stay safe and secure online, we've developed the all new 
> Yahoo! Security Centre 
> <http://us.rd.yahoo.com/mail/uk/taglines/default/security_centre/*http://uk.security.yahoo.com/>.







	
	
		
___________________________________________________________ 
New Yahoo! Mail is the ultimate force in competitive emailing. Find out more at the Yahoo! Mail Championships. Plus: play games and win prizes. 
http://uk.rd.yahoo.com/evt=44106/*http://mail.yahoo.net/uk 



--
http://www.freelists.org/webpage/oracle-l


Received on Wed Feb 07 2007 - 04:22:50 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US